<?php
/**
 * gpa_demo Description
 * @package 
 * @name logincheck
 * @filesource login-check.php
 * @author Meta Sanjaya
 */

if(count($_POST)) {
    $username = escape($_POST['wgt_user_username']);
    $password = pwd_gen($_POST['wgt_user_password'], $username);

    $user = $db->query("SELECT a.user_id, a.username, a.display_email, a.active, b.name, b.email FROM #_users a JOIN #_users_profile b ON a.user_id=b.user_id WHERE a.username='$username' AND `pwd`='$password'")->rows;

    $return = array();

    if(count($user)) {
        if(!$user[0]['active']) {
            $return['result'] = false;
            $return['message'] = "your account is inactive!";
        } else {
            unset($user[0]['active']);
            $_SESSION['user'] = $user[0];
            $return['result'] = true;
            $return['message'] = "";
        }
    } else {
        $return['result'] = false;
        $return['message'] = "username and password doesn't match or you haven't registered yet!";
    }

    //header('content-type: text/json');
    echo json_encode($return);
}

?>
